WordPress 2.3.3 is an urgent security release. A flaw was found in our XML-RPC implementation such that a specially crafted request would allow any valid user to edit posts of any other user on that blog. In addition to fixing this security flaw, 2.3.3 fixes a few minor bugs. If you are interested only in the security fix, download the fixed version of xmlrpc.php and copy it over your existing xmlrpc.php. Otherwise, you can get the entire release here.

Frewfrux: This might seem overly obvious in hindsight, but don’t change the “Default” theme. If that’s your base, make a copy of it in a sep. theme directory and work from there. That way, updates to Default won’t impact you.